Analysis Overview
Threat Level: Known bad
The file https://shorturl.at/xgEhp was found to be: Known bad.
Malicious Activity Summary
Browser Information Discovery
Suspicious use of WriteProcessMemory
Enumerates system info in registry
Modifies registry class
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-12-01 04:30
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-12-01 04:30
Reported
2024-12-01 04:53
Platform
win10v2004-20241007-en
Max time kernel
929s
Max time network
930s
Command Line
Signatures
Browser Information Discovery
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\cr.sb.cdmf5200eafd3ad904629cbb0f87a78a3c7211081fe | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\cr.sb.cdmf5200eafd3ad904629cbb0f87a78a3c7211081fe\Children | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-3350944739-639801879-157714471-1000\{B09CA976-4ED5-41BE-A53C-230C53AABA00} | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Mappings\S-1-15-2-993994543-2095643028-780254397-2751782349-1045596949-3142982554-3368930949 | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Mappings\S-1-15-2-993994543-2095643028-780254397-2751782349-1045596949-3142982554-3368930949\DisplayName = "Chrome Sandbox" | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Mappings\S-1-15-2-993994543-2095643028-780254397-2751782349-1045596949-3142982554-3368930949\Moniker = "cr.sb.cdmf5200eafd3ad904629cbb0f87a78a3c7211081fe" | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3350944739-639801879-157714471-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Mappings\S-1-15-2-993994543-2095643028-780254397-2751782349-1045596949-3142982554-3368930949\Children | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument https://shorturl.at/xgEhp
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffcfcbe46f8,0x7ffcfcbe4708,0x7ffcfcbe4718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2056,7147354906989377207,12813738995897802580,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2068 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2056,7147354906989377207,12813738995897802580,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2120 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2056,7147354906989377207,12813738995897802580,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2720 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,7147354906989377207,12813738995897802580,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3284 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,7147354906989377207,12813738995897802580,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3296 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,7147354906989377207,12813738995897802580,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5008 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2056,7147354906989377207,12813738995897802580,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5408 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2056,7147354906989377207,12813738995897802580,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5408 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,7147354906989377207,12813738995897802580,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4848 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,7147354906989377207,12813738995897802580,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2328 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,7147354906989377207,12813738995897802580,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4788 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,7147354906989377207,12813738995897802580,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3572 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2056,7147354906989377207,12813738995897802580,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=1736 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2056,7147354906989377207,12813738995897802580,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1696 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,7147354906989377207,12813738995897802580,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5616 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=media.mojom.MediaFoundationService --field-trial-handle=2056,7147354906989377207,12813738995897802580,131072 --lang=en-US --service-sandbox-type=mf_cdm --mojo-platform-channel-handle=5488 /prefetch:8
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2056,7147354906989377207,12813738995897802580,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5560 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=2056,7147354906989377207,12813738995897802580,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=3096 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2056,7147354906989377207,12813738995897802580,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=4888 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,7147354906989377207,12813738995897802580,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5948 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,7147354906989377207,12813738995897802580,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3508 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,7147354906989377207,12813738995897802580,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5944 /prefetch:1
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 8.8.8.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | shorturl.at | udp |
| US | 172.67.69.88:443 | shorturl.at | tcp |
| US | 8.8.8.8:53 | www.shorturl.at | udp |
| US | 8.8.8.8:53 | www.roblox.tl | udp |
| NL | 91.215.40.22:443 | www.roblox.tl | tcp |
| US | 8.8.8.8:53 | 154.239.44.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 88.69.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 2.159.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.214.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 22.40.215.91.in-addr.arpa | udp |
| US | 8.8.8.8:53 | css.rbxcdn.com | udp |
| US | 8.8.8.8:53 | static.rbxcdn.com | udp |
| US | 8.8.8.8:53 | js.rbxcdn.com | udp |
| US | 8.8.8.8:53 | inju.cc | udp |
| GB | 2.18.190.80:443 | css.rbxcdn.com | tcp |
| GB | 2.18.190.80:443 | css.rbxcdn.com | tcp |
| GB | 2.18.190.80:443 | css.rbxcdn.com | tcp |
| GB | 2.18.190.80:443 | css.rbxcdn.com | tcp |
| GB | 2.18.190.80:443 | css.rbxcdn.com | tcp |
| GB | 2.18.190.80:443 | css.rbxcdn.com | tcp |
| NL | 91.215.40.22:443 | inju.cc | tcp |
| GB | 2.18.190.70:443 | static.rbxcdn.com | tcp |
| GB | 2.18.190.70:443 | static.rbxcdn.com | tcp |
| GB | 2.18.190.78:443 | js.rbxcdn.com | tcp |
| GB | 2.18.190.78:443 | js.rbxcdn.com | tcp |
| GB | 2.18.190.78:443 | js.rbxcdn.com | tcp |
| GB | 2.18.190.78:443 | js.rbxcdn.com | tcp |
| GB | 2.18.190.78:443 | js.rbxcdn.com | tcp |
| GB | 2.18.190.78:443 | js.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | 13.86.106.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | roblox.com | udp |
| NL | 128.116.21.3:443 | roblox.com | tcp |
| GB | 2.18.190.80:443 | css.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | tr.rbxcdn.com | udp |
| US | 8.8.8.8:53 | images.rbxcdn.com | udp |
| GB | 23.73.139.17:443 | tr.rbxcdn.com | tcp |
| GB | 23.73.139.17:443 | tr.rbxcdn.com | tcp |
| GB | 23.73.139.17:443 | tr.rbxcdn.com | tcp |
| GB | 23.73.139.17:443 | tr.rbxcdn.com | tcp |
| GB | 23.73.139.17:443 | tr.rbxcdn.com | tcp |
| GB | 23.73.139.17:443 | tr.rbxcdn.com | tcp |
| GB | 2.18.190.73:443 | images.rbxcdn.com | tcp |
| GB | 2.18.190.73:443 | images.rbxcdn.com | tcp |
| GB | 2.18.190.73:443 | images.rbxcdn.com | tcp |
| GB | 2.18.190.73:443 | images.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | metrics.roblox.com | udp |
| GB | 128.116.119.4:443 | metrics.roblox.com | tcp |
| US | 8.8.8.8:53 | 80.190.18.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 70.190.18.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 78.190.18.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.21.116.128.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 17.139.73.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 73.190.18.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ncs.roblox.com | udp |
| GB | 128.116.119.4:443 | ncs.roblox.com | tcp |
| US | 8.8.8.8:53 | 4.119.116.128.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ecsv2.roblox.com | udp |
| N/A | 224.0.0.251:5353 | udp | |
| NL | 91.215.40.22:443 | inju.cc | tcp |
| US | 8.8.8.8:53 | 217.106.137.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 50.23.12.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 198.187.3.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 24.139.73.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | privatemessages.roblox.com | udp |
| US | 8.8.8.8:53 | apis.roblox.com | udp |
| US | 8.8.8.8:53 | accountsettings.roblox.com | udp |
| US | 8.8.8.8:53 | trades.roblox.com | udp |
| US | 8.8.8.8:53 | lms.roblox.com | udp |
| US | 8.8.8.8:53 | 70.208.201.84.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 13.227.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | arkoselabs.roblox.com | udp |
| US | 8.8.8.8:53 | assetgame.roblox.tl | udp |
| NL | 18.239.50.85:443 | arkoselabs.roblox.com | tcp |
| US | 8.8.8.8:53 | crt.rootg2.amazontrust.com | udp |
| NL | 18.239.83.86:80 | crt.rootg2.amazontrust.com | tcp |
| US | 8.8.8.8:53 | 86.83.239.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 85.50.239.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.39.65.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 169.117.168.52.in-addr.arpa | udp |
| GB | 2.18.27.76:443 | www.bing.com | tcp |
| GB | 2.18.27.76:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 76.27.18.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.roblox.tl | udp |
| US | 8.8.8.8:53 | js.rbxcdn.com | udp |
| US | 8.8.8.8:53 | static.rbxcdn.com | udp |
| NL | 18.65.39.25:443 | js.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | css.rbxcdn.com | udp |
| NL | 18.239.18.40:443 | static.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | inju.cc | udp |
| NL | 18.239.83.95:443 | css.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | 25.39.65.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 40.18.239.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.83.239.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | metrics.roblox.com | udp |
| US | 8.8.8.8:53 | ecsv2.roblox.com | udp |
| GB | 128.116.119.4:443 | ecsv2.roblox.com | tcp |
| GB | 128.116.119.4:443 | ecsv2.roblox.com | tcp |
| US | 8.8.8.8:53 | ncs.roblox.com | udp |
| US | 8.8.8.8:53 | images.rbxcdn.com | udp |
| GB | 128.116.119.4:443 | ncs.roblox.com | tcp |
| NL | 18.239.94.64:443 | images.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | 64.94.239.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | js.rbxcdn.com | udp |
| N/A | 127.0.0.1:9229 | tcp | |
| US | 8.8.8.8:53 | devtools.azureedge.net | udp |
| US | 13.107.246.64:443 | devtools.azureedge.net | tcp |
| US | 8.8.8.8:53 | 64.246.107.13.in-addr.arpa | udp |
| N/A | 127.0.0.1:9229 | tcp | |
| GB | 2.18.190.81:443 | js.rbxcdn.com | tcp |
| GB | 2.18.190.81:443 | js.rbxcdn.com | tcp |
| GB | 2.18.190.81:443 | js.rbxcdn.com | tcp |
| GB | 2.18.190.81:443 | js.rbxcdn.com | tcp |
| GB | 2.18.190.81:443 | js.rbxcdn.com | tcp |
| GB | 2.18.190.81:443 | js.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | 81.190.18.2.in-addr.arpa | udp |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp | |
| N/A | 127.0.0.1:9229 | tcp |
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 7de1bbdc1f9cf1a58ae1de4951ce8cb9 |
| SHA1 | 010da169e15457c25bd80ef02d76a940c1210301 |
| SHA256 | 6e390bbc0d03a652516705775e8e9a7b7936312a8a5bea407f9d7d9fa99d957e |
| SHA512 | e4a33f2128883e71ab41e803e8b55d0ac17cbc51be3bde42bed157df24f10f34ad264f74ef3254dbe30d253aca03158fde21518c2b78aaa05dae8308b1c5f30c |
\??\pipe\LOCAL\crashpad_3136_BELUFHCKRJBQQVDU
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 85ba073d7015b6ce7da19235a275f6da |
| SHA1 | a23c8c2125e45a0788bac14423ae1f3eab92cf00 |
| SHA256 | 5ad04b8c19bf43b550ad725202f79086168ecccabe791100fba203d9aa27e617 |
| SHA512 | eb4fd72d7030ea1a25af2b59769b671a5760735fb95d18145f036a8d9e6f42c903b34a7e606046c740c644fab0bb9f5b7335c1869b098f121579e71f10f5a9c3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 6e5609b3c2b5da6ee3c309debc668250 |
| SHA1 | 80a1d388f0f873e8be0e2e7a653dd8b2b28445b1 |
| SHA256 | a2fc9bf584510b56ef1a9ca26ea38b97e81f77df5f56b6c74d28195959c65a95 |
| SHA512 | c5e4550fa249f4e5387125d5625d120a490434df41330dd183320caeb8ccbce290b7eadea883e54a436ac5bcffdc219cd433b8dbf6926483bd97599da1dc0adf |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 17a0ca66c114cfa02595dddd6a6c4809 |
| SHA1 | 378a74d6601b57c8b05c24197a2dfda420aa4496 |
| SHA256 | 0f6fc8172e6215ceb25f2fab1372eee70ee4e92b977105b23f5874da1fc93037 |
| SHA512 | 206b7bbb0a6bb120d6886a4c3991f4306d25973301de42b9a2c18070958bb701e34e3003f4fc6eca361f73c184014ac5d36c80c1cc6750841301e0e9e1c24b32 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | a2cf28fd7a19fb75828e9a840ecb9b19 |
| SHA1 | 21428dcf60fba6da264fb47b013e0c4508aa55ff |
| SHA256 | a63f07a83ecd800b9b007f3fbc680932eec7c6980e2ffe8e3cea323dc1b4d3c1 |
| SHA512 | d9eba6ed34d83eb2b6ad86b63c7f300a5e3453b4d84aa1a4b4c038c0ea371f87d2bf0cc8c09185ae4ae809a2f765f4c875e9e3c1aad34fc940e89c82c0711dc2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe581c2e.TMP
| MD5 | 91008a83bae8517eab13a695886614d2 |
| SHA1 | 569f464e54bf989041d45b3a41b84fc313ba198a |
| SHA256 | a3e64dcdbbb07fd88d7b9bde34c0452206258b2ee1297a23251a248007e43940 |
| SHA512 | d6ffe3a7f6cd898a539a563411e7039f0130cd4f677ef98dc5b540645db2599f1b5f201f6a6f06b692c661dfd83e4478ffc0ef2911f949f75348cc3fe0756dd5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | f0bc93bf0718b362f919dd305536cbfe |
| SHA1 | 0847a2b365b86ca18bcfaf766a36a276f74a015a |
| SHA256 | d557bc496118229063457416619e3092231f0811ea2160a670673824da9474a0 |
| SHA512 | bd4f8e19c345dbeb7f1f3d1bba0aca680badcbeaa996b3494c614c892539f96b8949c6d7087ecb45b6254866c8ce71f2d2db436ebbe87abb90efd75d4164dce8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 0a77a45e0eb1c15e714436ba0466c212 |
| SHA1 | 313bbcbe42ed48e2f48d7c940a66b6c65df3f57c |
| SHA256 | 113767d8c965fe6daaafdb6e0722d66d700bd1c65e44cbb6b024bd1299832e4e |
| SHA512 | 390c6a3341219c666154fb5b0876b265f71ede357daabd132b0cd1e5cfd7e8f5d06eac2c8101e9988879272267f02501088e3e52252e4ccbac9d8b0c3a1b701e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 27226d08ca22ab499e119e6c12f9a5cd |
| SHA1 | a8dd54db924b4483574986abaca28f2a1d11b091 |
| SHA256 | 8ad3c4cd4bade19b5405e24cf94554b5a4da1e651f8500f70dbb1d8c79bf6214 |
| SHA512 | 961cbde987a06b186fbfd89bb6dae0eb577f337f92916e85ddb0eb06dbe8164471d72a024e3a881ae828e27fc84963bde59856973fe0e8de4fe9ecd315d4502e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 206702161f94c5cd39fadd03f4014d98 |
| SHA1 | bd8bfc144fb5326d21bd1531523d9fb50e1b600a |
| SHA256 | 1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167 |
| SHA512 | 0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | a67aeb81badb775a707a13cf35f2ea6b |
| SHA1 | 23daca1e9128819d1772394fe048f84d54e80a3a |
| SHA256 | b4d154497a3d1114967fe20089192ee35174ee9c5853eab8b151c853a79f071d |
| SHA512 | 4d177e232d611a6f24dc94b873b30ac958426b4b483379d31788cb246e2171c7d63afebbc3353f5b4e4558c3ec97634eaeb0fbff694878de47e21db3862bd7ba |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 8ba7adf5036e3248477a997e7b0eae2d |
| SHA1 | aca69584c521426386986fecaa09e553adadc230 |
| SHA256 | c5fb78fb074fad260dc67c94c0375db50ed968218259a345f483fca8aa42afcf |
| SHA512 | cf4a2ca4e9ff85829fb66f7730de54fa50f605f7133695b80ff88816872e5f05f3c17153bdf812584cef69791dfdc779a5f4395cd51352face3ea212590974f0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 1f9c58c102ade3f82f787f2252e7886a |
| SHA1 | c9e730ecb49c0b7faa20a2b1ec3639fd4e1297dc |
| SHA256 | e437bd6f227988985a9313fb38608db40d2bb211d62bc3dfd2e6ad97f170d6d5 |
| SHA512 | 35815d539fdae6a061f8468abb1cae07cefa7b10931d5aef49daf98e04dcfa0fbb3fe3d104e7bd548348a2fab82233c1898cfc3e1e29ad3e74b556c36ae01315 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | e5735b3ab0d590f27ddab63ba8f626fc |
| SHA1 | 1a2f56611030c2749c7b68aea3f38b9569f52da9 |
| SHA256 | c27792c7e3afec889f21e5ad445022fcd1718b70c7a08854b9bc3777f4bb1bbb |
| SHA512 | e373c5b2201f5454469580a71a2bf22cbaaeefefd29a44ad7f85601622f08343404727707e41c99900a257472455fc1a6021306dcca74f712fcc6c123a97a147 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | cb81b712fdaa7654f21a47da10948170 |
| SHA1 | 0fee87e3cbfe4e86c959b5473de7c55ae8265add |
| SHA256 | ac01499c8cbd913a2d284a48d580a0753cc40e22aac4a2948476eed9f432370f |
| SHA512 | ebe312a5bbbe3096c057801c61bda540368feabd074e98acbfb8c1cfb151eadb0084a63a6c4f121e16f11b24a6b720297930813cb4c1b841b64253b3a8fdae6c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 51a3780b30e2f1906deaabb41ace5e00 |
| SHA1 | 26c98ba24b0e348c46f94d445b801bb9dc7a5dcb |
| SHA256 | 9e10e6d04dcd0b4a26e4053567b35561aef6155ae933e399a0a06e2fd0fd545e |
| SHA512 | 6f5e0563347aff67010d04c7f79f361441c0bf742d4e8310ccac3b2c37d4dab547d32c535576944152e460c6050060fa57ad7c91095b3c831ff8226cd0bdb394 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 740f56b6f4f185ed296c70cc4560da67 |
| SHA1 | 938526f7fad6ab3f05f436b1276b87c885c68f09 |
| SHA256 | f9f5d70e2404da0d81054a1bc6c18bb2e7175a66d7bdf4427e8f41a3fa34e401 |
| SHA512 | 1cbb9454e18889232dfbc5cca4860d1786163a18c33ed0f8e6c268b369f943963102e5143c0a639c8038bb11d2266d3286a61a1f58916dbf866fe6e00d158d65 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | da38036ef73757026d8d7fe64634662d |
| SHA1 | 7c5474823c0950fe248b8152e54209527384d9f5 |
| SHA256 | 3e1fba1887cc009d256d65ec0d93ce35cc7ddb45e3014d963e6be1aa27583d9b |
| SHA512 | 2db8369e9a9c7d3e2ebf1c473743ed622ec71a24e086c59491b3b9aba9db5e40480bf5bdf2ed4dfab2d43511c69aaefc85e987510708470503e65eae8423630e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 16b5961a5b9798d41b98439d8f0f3727 |
| SHA1 | 8956935b129345acb1d917270d7dc533481e0542 |
| SHA256 | 46cb52a8199339eaa67b17397220f888ab6546f1cafeea1f9f8dda931ce9ef0c |
| SHA512 | 9fede384414061d90ce3de5d8d7e895cd335eaa5f4562be8d5652425659cea15d85fc89f8dee36ac304501d4a8a2395fccc6a0f2e1bf2677097eac0850a17903 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | a2a5e8371683504f34ed6e69945c27f4 |
| SHA1 | 62093bdfe89c9268587a888b428dd61ddd6b661a |
| SHA256 | 0487389c9b394ed7430724f7989ef102ea33027f406f403670cb949735b6988f |
| SHA512 | 0441e26706d0cfb1a7b903ad48c3d2b6a3f9ae5ef2a982a99f5ae99c4e6e1a5ee2fac45facbcf1c419b7d46ccbae68a86bf23e11bc46b4493b94fba31794f51a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 32b34a98481edc78e844f3730f53d6ce |
| SHA1 | 5decb856e6cf3e067fccc59bec9cb1b894a033e5 |
| SHA256 | 94c5465a7df7e369467796b1d1ed879edbedcfba6450731f33cc340f139927ca |
| SHA512 | ffba0e38a074bf1842a6c9324975acc03bdac5a2a45ba68647bf93f36101eb9f83ac9e242a2e4bed9dafa054896328031a0d08a9b552850736b66a9ff093b87e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | be4f6c5190daca9338416386fb90b67b |
| SHA1 | f194b2a6ee97a3418b779ac13cfe21dbc672d114 |
| SHA256 | 1bfacfa8ab577ee6a500ee8684d8e55d1d3bce5dcf290a7deed7d637f0581c62 |
| SHA512 | d6584ef2578f028600ddd9f373292ab65cdbb1597b5e1a49f56d17af533a331a100101dbc80e4c65bdb98caf481b90a9627dc2650f59a2ca68b480a26c1dd4f2 |
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic
| MD5 | f3b25701fe362ec84616a93a45ce9998 |
| SHA1 | d62636d8caec13f04e28442a0a6fa1afeb024bbb |
| SHA256 | b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209 |
| SHA512 | 98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | eff6fdc215a7887ffac6a7d68f7ae500 |
| SHA1 | b72b67316c584735c596eee7199293ce86d1958a |
| SHA256 | 1e02e18f8f54477777bc447779ebff1fda97f179058757165e46e960ea5ede1e |
| SHA512 | 1a3e11e8723ece9dfc942ca1b007ba3c95c7483fa9d7d2e87723b22b2d8fb20cb842bdbb4672a0740861ac026e978761eff04fe9453a6b8b001d23ff155d85ff |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 2b2b3dc5dd944ebede2569cfef96b42e |
| SHA1 | 31d8e6d8dc89a342a64233cf6facaa5bc3a27836 |
| SHA256 | 718db401ace4c497a73ec6f3d097b6aaa3a5317112149d1ce3ec3c6f14ad2d3a |
| SHA512 | caff01585118a73b1c0d53e806291ea9345355fd9d87c2cacafb4fdcc63970ac711902a78792d585798587e6599394d46f2b5948ee79c905a09abda75e1a7a88 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 9f7b46ce2b6bdfd96bc6a18763a6b0c3 |
| SHA1 | 7a4c2f294baee5ee68eea9dce364cf546e963ae5 |
| SHA256 | 3f33ef93298da02431c6f8aeb5043b012afd416f7cbeb8a284484174fc25c7eb |
| SHA512 | 187767428acf032d0c5a57c91a2efd57b992d17b0273d12fa180751950db5ee132ab19230206fcf10dd2d02043613f8d9ec5f9870785d77ffb010e46a114a6e6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 44cc36dc66011c4a9cd06b35c1a7df8b |
| SHA1 | fa101d689336a01837d5ba6ba7672d42c6bd7328 |
| SHA256 | 06bdbf1375acc7b2b6c1942dbcd3d84e9505d1bf4906650e1a34b0e650ae4e24 |
| SHA512 | 51e67d0fc2166b288c765e1e6d49f653305f432ba5c0dec6b6ee7855916809a1c63f2f75dacfb267ca97899a6653c876a9ce390175bd450f14788e7d4c9181fe |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | cc58190705ea61850f89a466a9d98a29 |
| SHA1 | acdfc9ff0873155607f00bd0a8e5561f4e3fa3e3 |
| SHA256 | d89256c492fffcc5fb9576560cc9b65e86d19af3ab817295c95297cb5338c84d |
| SHA512 | a58d21c0e95b7814b7c7c4775f378718545a04bc9e3c6a21775d8b29849094ecc9a90c2115890d121eec51ca79d77e47e2cb8ac1f8ffa7bea50018297bca3961 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | bb9295e261a9250a86440ad36dc2b406 |
| SHA1 | c29c40c186c3af211ab2792f83a162418e004832 |
| SHA256 | 9e1c0b68e227fb5902bc163c6db18008e5c5e68266c7adc77e582624183ea1da |
| SHA512 | 4a07f623a127c31e06dd5bd7a6950e84d7dd4ff03324107fc92a399cfec06b68ec8d5614a745d6f9c06e9f997eb21bc258496d3a2c97d3d17c277566b0c81f12 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | ed9c722fff7887a64320b29527c94684 |
| SHA1 | 700db2a587ab490dad913782d863ed5d87e4bdea |
| SHA256 | a63a24420718aff3d3550898df7fe0a1ec91269293d4224f326a6f0b0e7f0325 |
| SHA512 | f948ed83b9cff86773c52f9e35a7aac6085b7c468b8e5a4418d56a06fe30ee5eebe11bed58b5a25d4763e2e3c4b1fdfaf0ec16e27c46ba5302fc970028ca4593 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | c4b6348ae40e965d8b5398db6e8541da |
| SHA1 | 11b65c4acabba6b1e2049ac3edb407d178c8f385 |
| SHA256 | 9fb872bd5d43c41f34a4b2773bfec48ca3a7b760550bcccc8bb97800d94cdfa4 |
| SHA512 | 620aeb0242fb95e4ff3a11622f0d42528a88c5a4ca490a0ba0262ca4769303201b8d9fa98db0845e83221aa2f5defe5ee5c6cb8e55f6aed950f0c14060082576 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000005
| MD5 | 8dff9fa1c024d95a15d60ab639395548 |
| SHA1 | 9a2eb2a8704f481004cfc0e16885a70036d846d0 |
| SHA256 | bf97efc6d7605f65d682f61770fbce0a8bd66b68dac2fb084ec5ce28907fbbdb |
| SHA512 | 23dd9110887b1a9bbdbcc3ae58a9fe0b97b899ad55d9f517ff2386ea7aac481a718be54e6350f8ba29b391cc7b69808c7a7f18931758acce9fbf13b59cee3811 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | b45b7e803af53dfd753e2092368cd92f |
| SHA1 | 4ff78aafbb570521935119bab18fbb7ff99b4460 |
| SHA256 | 29c7d87284c7d7c2bf96f071ef0209fc2168d56fac979b5bbe3b19e9d3f245a2 |
| SHA512 | 985ba4d476e4b7456841101aeef4d7935e828b33e607258f7d29b47d11ce8373e375916df4e87349a901b5f52568fb3ae1b15d5cd81454b60e072c3a0310ce15 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 095ddb1eec3c3b5873b9fef6614f4db6 |
| SHA1 | f2706568f44ed65437a8d1a148d35079f8ddb919 |
| SHA256 | 6f7f03f5032049b617e67e26be9825db400f0abced6d7d7516c7e230ff3ef76d |
| SHA512 | 86cd807378a292871f97d0954c66367d4fba9e2d1f00b50644347e619b7a6348f4ca10510a183bbe2af759252167c40a0512a6316c620aa9ac04f2660c5633d7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 101cc28f50aaff3c1ba2983dbd3ca750 |
| SHA1 | 02cca27bbbc7cb42bda9f7791159037398023ee3 |
| SHA256 | fd32f20b95f74cb77a8f6d6bc1dc1474c8260c70f51e57a52ea7b939793234fd |
| SHA512 | 58714a0b00bf814746addb6b6b71714e3f1bdaf7283430c2828a02f1f57a9946d4ee7c0e4a71029e005d1d9a8ce95b9ee180146896b6ae7f6b4ac02122a973cf |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 8bd34535d0e0081563e6ca44bb8f6b6a |
| SHA1 | ddacf79dd88e2f792a9fdbe9010fe6757a6ebf7c |
| SHA256 | f330a77dcad079caf37773073d3cddb04648b388e6ccce2489f9be6955e1ef81 |
| SHA512 | 320dd22629ac4d3f4505dc02c235b41d504f71b572635caf717ba5c2a1d2bf4a2518a2a2f8f36f11d4f9a6665c7bb8006a9cc55f3e83a03b1c099c398f9d0536 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | dbc7e0bb5f5aabfe39363f43cb102d95 |
| SHA1 | aacefba3af711491c6a0aaea0bdfa56706c15265 |
| SHA256 | 043138d892278481a650fad2a7a271458a8fe39e4161792b4b3fb0066e5a1355 |
| SHA512 | a5ffc20e99cc1d1dedbc49f99cd917e236387e771d6c7ca178449dca98a5b578c2d2cc1a5c014ec1b5a73fa221efcf07883bccfd7aaab5e516b20582dfd4baf7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 5c5b5e3fcd56d92648caab1da9239615 |
| SHA1 | 4bcc9d5f503ccb0a314f2e244af19db462875dad |
| SHA256 | fa3995656187f1a994c7819328c96648083fcbbb0b57b6009c99f967ca013511 |
| SHA512 | 231f0ff552e696803c3c21a2b779fde4f7781d7483e2aab4c7b53aa73db862a708b7605a1489c1395855ba14045d571fe3f1d6547d5a17b9c3767f7466b6798f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | b3c80721f198fc48a8db54aa83c8faa5 |
| SHA1 | 22375c9b1702dc01c2d48f02892f3d1dba90011e |
| SHA256 | a0d88c456492ff1f26460540188d2e673c888c71c9fcf8c7d47a61c0316cb5d3 |
| SHA512 | 0436051ef3bb33f2c583ee216f8413e452dbda6a1c1004114596fea9ec52d81f4759ee43846e3549d65d83414e2e26d353cf2eec47325cbea8fe4fca70d162bd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | f56242e535bda361ca1456fa8dc3dd3e |
| SHA1 | 0be20eb7fa447c940f2dbbd21fe22097dd88d0ca |
| SHA256 | c31c45796164cf9ca89440014a0aa755ca06a0577d6914cbcb7a1a08353b2133 |
| SHA512 | 25ac50a420ed8ac654c98b32bc624edb2558174c3cdfae857b6b67cbacb5989bf9650ce68caa5d1a4ba5116d7142e6837355252532498feafd50e838dab32c2e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | acd4792c72e0caaf70ebb488ac42c5ef |
| SHA1 | 63bda25a643c8fd1ba54333fb15c76365728d98f |
| SHA256 | 171c9bc9fcc330e1e171bc5627f91e77605dbaee58155e62211dfd62fdfd4f72 |
| SHA512 | 30dbb1341ecb670dd1231d62ed70d3ba52f824b945a83e5163553f5d2c99e7970bec6c05aa4e4c32747f80259e78065cf968be5d290bf7e00a7aac283d43139d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 3a5a44ba581bc35cfb92d5e74658f046 |
| SHA1 | dded1fd3655e57ac70b0c50659634928aa7bf02d |
| SHA256 | bb3b66ec816ef2c2358f19abc4d8854c5c9e042e9ff2b6302c34f5db75854435 |
| SHA512 | b91f9467bf0208bad0ee7c46dba587d6c1d5417a28424140090f3c1fc2a908c47929195e4c4bcfc49c3c1691f6821315903256be0362c7c667d908ee2e307d03 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 88b386deb4d41b6dd9e2efee3174dd4d |
| SHA1 | 55fd78c27f2ad0ff67eed1ffda6ddfcf225b509e |
| SHA256 | 5b05ae297f2bc226ff39442420b0cf32fed7acfb5c00c2944313f21a85110011 |
| SHA512 | 733c456bb4907622dedbcfb4dbf6db001efd4319c87e8e8ac3532e1f6532730d3370e2a763fd04b22e6b7172371af852a54a46bce1bd02ac00b82857fe70fb35 |